Multiple server documentation?

Reposting this here as a new thread rather than as the reply to the 3.0.0.9 thread where I originally put it.

Is there any documentation on setting up multiple servers? I've poked around in the latest download and don't see it yet.

By multiple servers I am referring to separating services. Email on one box, web on another box, etc.

Can multiple, redundant, DNS servers be set up? Can the ISPConfig DNS server act as a master with slave installations updating from it?

Can web sites be set up on multiple boxes? Can email be set up on multiple boxes? We have a couple of domains that have been in use for a LONG time. When we point the MX records to those domains they will instantly begin getting hammered with hundreds of thousands of spams daily. They should each be on their own separate machine.

How well does an ISPConfig setup handle REJECTing spam (not BOUNCEing it)? Can the end-user email users adjust their own spam settings or are spam settings strictly a site-wide thing?

Is any of this documented in SVN since I don't see the info in the tarball?

OK, let's get started. (of course, no need for the HUGE quotes in followups).

Setting up multiple servers.

First, I don't want extra services running on machines that don't need them. If I set up a machine that is supposed to have web host and DNS services I only want an SMTP daemon for handling local system user mail for delivering notifications to the "real" mail server box(es).

I am currently more in need of a new email server than anything else. Can I set up JUST email services for 2 or 3 domains now and get the rest set up in a sane manner later?

Can the amavis part be set up to run on a machine separate from the actual mail server(s)? When previously running in house mail servers we had to set up a separate amavisd spam/virus scanning gateway to keep the actual user mail server from getting so bogged down that the users started having problems accessing it.

Right now I have ONE server free for install/testing. It's the old amavisd gateway. Our in-house mail server is still being used by a few customers who are having issues with outgoing mail on the service we chose for outsourcing.

Where do I start? Does ISPConfig have to be installed on each machine separately? If yes, then how does one handle putting different domains on different machines?

No separate spam gateway -- that's gonna hurt. When we took the mail server offline to switch to an outsourced solution (that isn't working out very well) our primary domain was processing nearly 500,000 messages daily, only about 30,000 of those were non-spam.

I've cleared a server for the initial install. Should be interesting since it needs to use a name/setup that's already running on another server.

I'll try to document my steps as I go along so this can become a howto thread.

You can use a separate spam gateway, but you wil have to modify the postfix master.cf manually after you installed ispconfig.

Click to expand...

I'm going to try to get started on the initial install this evening to see what I'm dealing with. Things like "Can the email users adjust spam scoring rules or only the score that passes/fails?" If we have to manage the rules for all customers it adds a LOT of man-hours to our support queue. Spam is the primary reason we outsourced mail services. We're looking for a solution now that will allow the end-email-user himself to choose what is and what is not spam.

I spotted the old roadmap posts and did a quick read through it. It mentions using Exim rather than Postfix but the install text in the tarball says to install Postfix/Courier/et al. Did the roadmap plan change back to Postfix?

Also, the install text file in the tarball for Debian is still using "apt-get install xxx". Current Debian instructions (as of Etch) suggest always using aptitude from now forward. Aptitude command line is essentially the same as apt-get --- "aptitude install xxx".

Exim is not supported by ISPConfig. Only a very early version supported exim.

apt-get is working fine thats why it is used in the instructions. If you prefer aptitude you may use that, I will stay with apt as long as it works for me and I had situations were apt worked better then aptitude just a few days ago with lenny.

Not with correct records as the ispconfig permission fields are missing and you will not ba eble to edit these records from within ispconfig without setting the permission info.

Click to expand...

The administrator can edit them, yes? That's all I need for my setup. Clients don't get to edit their own DNS records, they request it then we do it. So, I won't have to assign record to a user as admin can do all of the work.

When the records are imported with this tool the permission records are missing and this can have side affects on the software so that various other functions might stop working or work impeoperly. If you want to use ispconfig you will have to set the permission records manually in the database.

The ones I have created for testing as the admin/superuser are setting the sys_perm_user and sys_perm_group to "ruid" and leaving sys_perm_other empty.

Seems like it would be a simple solution for those who want to convert hundreds of zones from a non-IPSConfig server to use ALTER TABLE to set the value for those fields on a new install.

I'll keep posting my questions/tests in this thread and when I'm done I'll try to collect all the things that worked into some sort of coherent documentation. I'm not a tech writer so whatever I collect will need to be gone over by someone else but it might help.

Till, If I've missed any fields that need to be updated below please let me know.

After following the steps below I created my first test client and the system allowed me to edit the DNS records (as admin) and assign them to the new client. When logging in as the new client it allows me to edit the records.

OK, on a FRESH install (no users/groups/clients created yet, only the admin user)

Grab a copy of your named.conf
Open it with your favorite text editor and edit out EVERYTHING except the domain names, one per line.

If the MyDNS server is on a different machine then I suspect one could create a test domain on that external server, check the database to see what the permissions are set to, then make corrections to the SQL statements.

If the MyDNS server is on a different machine then I suspect one could create a test domain on that external server, check the database to see what the permissions are set to, then make corrections to the SQL statements.

Click to expand...

No. All records that are inserted on the main server have to be written to the datalog (table sys_datalog) in form of a serialized PHP object which contains the differences of the inserted records to be synched to the slave server.